Read the original article: Stronger Together — Building Cyber Resilience As new ways of work are coupled with a growing prevalence of malware and ransomware, cyber resilience has become top of mind in boardrooms around the world. The post Stronger…
Category: Security Intelligence
Advocating Security Fundamentals During and After COVID-19
Read the original article: Advocating Security Fundamentals During and After COVID-19 The COVID-19 health crisis almost instantly changed how the world works, bringing with it new security threats and challenges. As organizations work to find the path forward and emerge…
IBM Named a Leader in ‘The Forrester Wave™: Risk-Based Authentication, Q2 2020’
Read the original article: IBM Named a Leader in ‘The Forrester Wave™: Risk-Based Authentication, Q2 2020’ In today’s hybrid multicloud environment, users expect to be able to access their work and personal resources from wherever they are, whenever they need…
Measuring the Effectiveness of AI in the SOC
Read the original article: Measuring the Effectiveness of AI in the SOC Technology professionals need to be able to prove the value that any new tool brings — especially a security-focused AI one — and demonstrate the revenue gained or…
The Connection Between Cloud Service Providers and Cyber Resilience
Read the original article: The Connection Between Cloud Service Providers and Cyber Resilience Cloud service providers offer great performance and resilience, but ultimately it is up to individual organizations to determine whether these long-known advantages outweigh the possible downsides. The…
Spotting the Gray Rhinos Charging Toward Your Business Continuity Posture
Read the original article: Spotting the Gray Rhinos Charging Toward Your Business Continuity Posture Preparing for the Unpredictable There may be some elephants in the board room from time to time, but what about Black Swans or Gray Rhinos? Many…
SMBs Are Ready to Grow Into Enterprise Mobility Management (EMM) and Beyond
Read the original article: SMBs Are Ready to Grow Into Enterprise Mobility Management (EMM) and Beyond SMBs require enterprise-class solutions around mobility and endpoint management, but delivered in the way smaller firms acquire, deploy and manage IT management systems. The…
Take a Bite Out of Sweyn
Read the original article: Take a Bite Out of Sweyn If you work in the healthcare industry, you may have heard about a family of vulnerabilities called “SweynTooth.” But how serious is SweynTooth, and what should hospitals be doing to…
Why Security Orchestration, Automation and Response (SOAR) Is Fundamental to a Security Platform
Read the original article: Why Security Orchestration, Automation and Response (SOAR) Is Fundamental to a Security Platform Placing SOAR at the heart of a security platform helps teams extend and maximize value across the ecosystem and to any security process…
Refocusing Cybersecurity Best Practices on Security Hygiene
Read the original article: Refocusing Cybersecurity Best Practices on Security Hygiene Attackers often increase their efforts to breach networks and systems during troubling times. As organizations around the world focus on the COVID-19 pandemic, security hygiene should be a focus,…
Five Common Data Security Pitfalls: Do You Know How to Avoid Them?
Read the original article: Five Common Data Security Pitfalls: Do You Know How to Avoid Them? By avoiding these common data security failures, organizations can protect their valuable assets and steer clear of the next major data breach. The post…
How Chatbots Can Help Bridge Business Continuity and Cybersecurity
Read the original article: How Chatbots Can Help Bridge Business Continuity and Cybersecurity With the range of challenges facing organizations right now, chatbots may be one solution that can help ensure both business continuity and security continuity. The post How…
What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic
Read the original article: What the Data Is Telling Us About the Current Rise in Security Threats During the COVID-19 Pandemic IBM X-Force Research has been seeing a significant number of new malicious domains related to COVID-19 appear in the…
X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware
Read the original article: X-Force IRIS Overcomes Broken Decryption Mechanism in Jest Ransomware IBM X-Force Incident Response and Intelligence Services (IRIS) recently helped a company fend off a ransomware attack by building a custom decryptor for a strain of ransomware…
When Implementing Zero Trust, Context Is Everything
Read the original article: When Implementing Zero Trust, Context Is Everything Why, with all these layers of protection, are we still experiencing expensive breaches? Here’s why sharing context between security silos is the bedrock of a successful Zero Trust implementation.…
How to Build Usability Into Your Security Program
Read the original article: How to Build Usability Into Your Security Program Having solid security measures in place is a necessary condition for achieving your organization’s overarching goals, but user productivity requires both security and usability. The post How to…
Manage All the Things: Unified Endpoint Management (UEM) and the Expanding IoT
Read the original article: Manage All the Things: Unified Endpoint Management (UEM) and the Expanding IoT Having management functions and visibility across wearables, ruggedized endpoints and other connected IoT equipment can give a business greater situational awareness when it comes…
Stick the Landing: 6 Steps to Broaden Your Cyber Resilience Web
Read the original article: Stick the Landing: 6 Steps to Broaden Your Cyber Resilience Web Cyber resilience is now critical to speeding remediation and boosting recovery after a security event. To stick the landing, enterprises must move beyond funnels and…
Should Organizations Be Operating Outside of Their Risk Appetite?
Read the original article: Should Organizations Be Operating Outside of Their Risk Appetite? Organizations should know where to draw what may be a new line in their risk appetite, so they can weigh the amount of risk they are willing…
Build a Culture of Holistic Risk Awareness Throughout Your Workforce
Read the original article: Build a Culture of Holistic Risk Awareness Throughout Your Workforce Here are several strategies for building a culture of risk awareness throughout your workforce in such a way that workers aren’t just looking for specific threats,…
Zeus Sphinx Back in Business: Some Core Modifications Arise
Read the original article: Zeus Sphinx Back in Business: Some Core Modifications Arise With Zeus Sphinx back in the financial cybercrime arena, IBM X-Force is providing a technical analysis of the Sphinx Trojan’s current version, which was first released in…
Develop Tailored Cybersecurity Self-Assessments to Help Secure Your Remote Workforce
Read the original article: Develop Tailored Cybersecurity Self-Assessments to Help Secure Your Remote Workforce Promote security awareness among your remote workforce and inform future training efforts by distributing tailored cybersecurity self-assessments to your employees. The post Develop Tailored Cybersecurity Self-Assessments…
Does Your Security Awareness and Training Program Account for Changing Work Environments?
Read the original article: Does Your Security Awareness and Training Program Account for Changing Work Environments? A shift to remote working demands security awareness and training programs quickly pinpoint an active people-centric strategy to address the needs of changing environments.…
Support Remote Workforce Productivity With Secure Cloud Services
Read the original article: Support Remote Workforce Productivity With Secure Cloud Services The remote workforce has become increasingly mainstream around the world, but this model depends on thorough cloud security to ensure business operations can continue. The post Support Remote…
Are Current Security Assurance Models Suitable for the Digital World?
Read the original article: Are Current Security Assurance Models Suitable for the Digital World? A proactive security assurance model is a key enabler for delivering an effective operating model that encompasses the protection of people, processes and technology. The post…
Accelerate Your Digital Transformation with Security
Read the original article: Accelerate Your Digital Transformation with Security Security with IBM Garage is a bold, comprehensive approach to security innovation and digital transformation. The post Accelerate Your Digital Transformation with Security appeared first on Security Intelligence. Advertise…
What We Learned Defining Successful Zero Trust Client Journeys
Read the original article: What We Learned Defining Successful Zero Trust Client Journeys A security services provider can help assess security gaps for a specific use case scenario against a Zero Trust model and align security priorities to address the…
6 Things to Do After Implementing Cybersecurity AI for Alert Management
Read the original article: 6 Things to Do After Implementing Cybersecurity AI for Alert Management Once cybersecurity AI automates threat monitoring tasks, what should infosec pros do next? Here are six ways to improve your post-AI security strategy. The post…
Gain Visibility Into Operational Technology (OT) Environments With a Combined SOC
Read the original article: Gain Visibility Into Operational Technology (OT) Environments With a Combined SOC Organizations can attain visibility into their operational technology (OT) environments by building out a combined OT/IT security operations center. The post Gain Visibility Into Operational…
TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam
Read the original article: TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam Recent analysis from IBM X-Force spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S.…
Ad Hoc or Managed Penetration Testing: Which One Is Best for You?
Read the original article: Ad Hoc or Managed Penetration Testing: Which One Is Best for You? Due to legal regulations, internal policies, executive requests, and the desire to beat threat actors and avoid breaches, penetration testing is becoming a common…
SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT
Read the original article: SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT As the ongoing COVID-19 pandemic impacts small businesses in the U.S., cybercriminals are trusting that people will be more likely to open unsolicited emails purporting to come…
Safeguard Sensitive Data With a Next-Generation Data Security Approach
Read the original article: Safeguard Sensitive Data With a Next-Generation Data Security Approach A next-generation data security approach is about holistically understanding the organization’s security posture and mitigating the greatest risks to sensitive data, no matter where it resides. The…
New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam
Read the original article: New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam Since March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19 spam, with lures ranging the full gamut of challenges and concerns…
Is a Managed Security Services Provider (MSSP) Right for Your Organization?
Read the original article: Is a Managed Security Services Provider (MSSP) Right for Your Organization? Leveraging a managed security services provider can help reduce risk and improve incident response. But when should companies make the call? The post Is a…
Achieve Flexibility in Business Through Digital Trust and Risk Management
Read the original article: Achieve Flexibility in Business Through Digital Trust and Risk Management Flexibility in business is a core competency. Information security can contribute to it by creating digital trust and high-performing teams who are well-trained in risk management.…
New Android Banking Trojan Targets Spanish, Portuguese Speaking Users
Read the original article: New Android Banking Trojan Targets Spanish, Portuguese Speaking Users IBM X-Force recently analyzed a new Android banking Trojan dubbed “Banker.BR” that appears to be targeting users in Spain, Portugal, Brazil and other parts of Latin America.…
COVID-19’s Remote Workforce: Protect Your Rapidly Growing Attack Surface
Read the original article: COVID-19’s Remote Workforce: Protect Your Rapidly Growing Attack Surface With elevated endpoint risk and the need to respond rapidly to cybersecurity incidents, a managed detection and response (MDR) team can deploy quickly to virtually supplement your…
Defragging Security With a Platform Approach
Read the original article: Defragging Security With a Platform Approach With cyberattacks at an all-time high, security leaders must strike a balance between comprehensive security and runaway complexity. This webinar discusses what a security platform can do to help. The…
Extend Your Incident Response Program to DevOps With Security Automation
Read the complete article: Extend Your Incident Response Program to DevOps With Security Automation By linking security and DevOps use cases through common automation practices, security teams can better scale their ability to respond quickly and effectively to security incidents.…
TA505 Continues to Infect Networks With SDBbot RAT
IBM X-Force IRIS recently identified attacks likely linked to Hive0065, also known as TA505, which spread the SDBbot remote-access Trojan (RAT) alongside other custom malware. The post TA505 Continues to Infect Networks With SDBbot RAT appeared first on Security Intelligence.…
Grandoreiro Malware Now Targeting Banks in Spain
A familiar malware threat called Grandoreiro, a remote-overlay banking Trojan that typically affects bank customers in Brazil, has spread to attack banks in Spain. The post Grandoreiro Malware Now Targeting Banks in Spain appeared first on Security Intelligence. Advertise…
Take a Data-Centric Approach to Zero Trust to Protect Your Most Critical Assets
In today’s environments, where sensitive data is everywhere, organizations need strong, flexible frameworks such as Zero Trust to ensure business continuity, compliance and customer trust. The post Take a Data-Centric Approach to Zero Trust to Protect Your Most Critical Assets…
Why Hybrid Cloud Environments Require More Than Just First-Generation IDaaS Solutions
Every organization around the world is on a journey to cloud, each one facing the need to reinvent themselves with engaging omnichannel digital experiences to remain relevant in a hyper-competitive market. At the core of supporting a hybrid cloud environment…
Lock Down Personal Smart Devices to Improve Enterprise IoT Security
Connecting remotely is about more than a strong Wi-Fi password and VPN. Be sure to understand and manage the risks of smart devices in your home to bolster personal and enterprise IoT security. The post Lock Down Personal Smart Devices…
Phishers and iPhone Thieves Rolling Out Multimillion-Dollar Operations
Going down the rabbit hole of a physical iPhone theft followed by a SMiShing campaign, IBM X-Force IRIS researchers found a large-scale operation of phishers with over 600 phishing domains. The post Phishers and iPhone Thieves Rolling Out Multimillion-Dollar Operations…
Android Enterprise Adds Flexibility But Still Calls for UEM Solutions
Android Enterprise simplifies device management and concretizes work and personal usage, but does not bring security to the legacy framework. Implementing a strong UEM solution can fill in the gaps. The post Android Enterprise Adds Flexibility But Still Calls for…
ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework
Financially motivated, adaptable, sophisticated and persistent, the ITG08 threat group is likely to remain one of the most potent cybercriminal groups in this new decade. The post ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework appeared first on…
How Relevance Scoring Can Make Your Threat Intelligence More Actionable
Relevance scoring is a technique that correlates the properties of security analysts’ threat intelligence and those of their organization, such as the industry and region. The post How Relevance Scoring Can Make Your Threat Intelligence More Actionable appeared first on…
Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release
Since 2017, the IcedID Trojan has received consistent updates that enable it to continue targeting banks and other businesses. Find out what changes were included in the latest major release. The post Breaking the Ice: A Deep Dive Into the…
Effective Data Security Begins With a Strong Tech Foundation
When laying the foundation of your data security and privacy strategy, you will want to prioritize data-centric solutions and consider a Zero Trust approach to minimize risk and facilitate compliance. The post Effective Data Security Begins With a Strong Tech…
Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy
The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19. The post Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam…
Why Adversarial Examples Are Such a Dangerous Threat to Deep Learning
Adversarial examples can throw a wrench in deep learning processes and expose vulnerabilities. Organizations should take steps now to get ahead of these threats before they disrupt data processes. The post Why Adversarial Examples Are Such a Dangerous Threat to…
Recalibrate Insider Threat Controls When Your Employees Are Off the Corporate Network
With the rise of the remote workforce, CISOs need to shift focus from corporate networks to protect against insider threats and risks beyond the traditional perimeter. Here’s what to consider. The post Recalibrate Insider Threat Controls When Your Employees Are…
Do You Know Your Responsibilities When It Comes to Container Security?
Even some of the best cloud service providers (CSPs) won’t provide sufficient container security to satisfy your compliance needs. The post Do You Know Your Responsibilities When It Comes to Container Security? appeared first on Security Intelligence. Advertise on…
TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany
Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component. The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence. Advertise on IT Security…
Extend Your Security Team, Quickly Add Expertise and Help Secure Your Remote Workforce
Organizations around the world are adapting to respond to the impact of the novel coronavirus (COVID-19) and companies may experience increased stress and challenges across their security programs arising from increased remote user demand, site availability impacts, stringent travel restrictions…
Crypto-Risk: Your Data Security Blind Spot
Start thinking about what your organization can do to manage crypto-risk before today’s encryption and security measures fall prey to tomorrow’s attackers and advanced computing tools. The post Crypto-Risk: Your Data Security Blind Spot appeared first on Security Intelligence. …
Crypto-Risk: Your Data Security Blind Spot
Start thinking about what your organization can do to manage crypto-risk before today’s encryption and security measures fall prey to tomorrow’s attackers and advanced computing tools. The post Crypto-Risk: Your Data Security Blind Spot appeared first on Security Intelligence. …
7 Spring Cleaning Tasks to Improve Data Security
Data security is a daily essential, but spring cleaning offers an opportunity to check in on your current practices and make changes where necessary. The post 7 Spring Cleaning Tasks to Improve Data Security appeared first on Security Intelligence. …
4 Principles That Should Define Your Evolving Security Operations Model
It’s never too soon to set the stage for your next-generation security operations model. Here are four important considerations to keep in mind. The post 4 Principles That Should Define Your Evolving Security Operations Model appeared first on Security Intelligence.…
How CIAM Addresses the Challenges of Consumer Identity Management
A consumer identity and access management (CIAM) solution can help enable secure, personalized, omnichannel interactions between consumers and brands. The post How CIAM Addresses the Challenges of Consumer Identity Management appeared first on Security Intelligence. Advertise on IT Security…
9 Best Practices from X-Force Red for Organizations and Employees
As employers rapidly respond to the need to protect their workforce from potential exposure and spread of the novel coronavirus and the disease known as COVID-19, many of your organizations are making the very difficult decision to pivot to a…
How We Learned to Stop Worrying and Embrace Remote Work
The industry is in the midst of a transformation. In this case, it isn’t the omnipresent digital transformation but rather a sudden tectonic shift towards remote work. For many organizations built on the classic, communal office space, this can seem…
Using Mystery Novel Techniques to Track Down Cyberthreats
If you consider yourself a good sleuth who can predict the end of every Agatha Christie novel, you might have a knack for discovering the origins of cyberthreats. The post Using Mystery Novel Techniques to Track Down Cyberthreats appeared first…
EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan
In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force IRIS discovered a backdoor malware strain we named “EnigmaSpark.” The post EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan…
IBM X-Force Threat Intelligence Cybersecurity Brief: Novel Coronavirus (COVID-19)
Global events such as the Novel Coronavirus (COVID-19) make all of us attractive targets for cybersecurity criminals. Whether it’s phishing emails or new targeted scams, these tactics are meant to take advantage of citizens who are understandably concerned about their…
2020 Tax Fraud Trends: How to Protect Yourself at Home and Work
Scammers view tax season as a prime recruiting season for victims. Here are the most prominent tax fraud trends in 2020 and how to protect your identity and business from risks. The post 2020 Tax Fraud Trends: How to Protect…
Grow Your Business With an Evolving Cloud Security Strategy
As the threat landscape becomes more complex every day, it is crucial that you adapt with an ever-evolving cloud security strategy. The post Grow Your Business With an Evolving Cloud Security Strategy appeared first on Security Intelligence. Advertise on…
Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers
It is important that gaming companies are prepared to defend against threats to their consumers and that gamers understand the types of threats they can face in their community. The post Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers…
Inadvertent Insider Threats Present a Unique Challenge to Organizations
While we may imagine inadvertent insider threats as careless people clicking on dodgy emails, this image needs to be updated to include a wide variety of poor security hygiene behaviors. The post Inadvertent Insider Threats Present a Unique Challenge to…
A Proposed New Trust Framework for Physical and Digital Identity Interactions
As we broaden our scope of identity and consider what is required to exchange trusted personal data across physical and digital realms, community interoperability becomes even more important. The post A Proposed New Trust Framework for Physical and Digital Identity…
PXJ Ransomware Campaign Identified by X-Force IRIS
In a recent analysis from IBM’s X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as PXJ ransomware. The post PXJ Ransomware Campaign Identified by X-Force IRIS appeared first on…
Safeguarding Healthcare for the Future With Zero Trust Security
A Zero Trust security model can help healthcare organizations provision access in a more effective manner by focusing on data, workloads and identity. The post Safeguarding Healthcare for the Future With Zero Trust Security appeared first on Security Intelligence. …
How Retail Security Can Welcome IoT Innovations Without Putting Customers at Risk
As organizations rely more on the IoT to enable internet connection at every part of the retail process, the right mindset can go a long way toward achieving a win-win for retail security. The post How Retail Security Can Welcome…
3 Things to Do Today to Help Combat the Gender Gap in Cybersecurity
If we know we stand to gain so much from a more inclusive workforce, what can we do about it? Here are three things you can do today to help combat the gender gap in cybersecurity. The post 3 Things…
In 2020, IoT Security Must Be Part of Your Threat Management Strategy
From a threat management perspective, there is no logic in securing IT equipment while ignoring the IoT devices active in the same environment. Organizations must consider IoT devices as well. The post In 2020, IoT Security Must Be Part of…
Beyond IT: Assessing the Human Impact of Healthcare Cybersecurity
Great healthcare cybersecurity goes beyond IT best practices. Assessing the human element is essential to developing and deploying a holistic approach to security. The post Beyond IT: Assessing the Human Impact of Healthcare Cybersecurity appeared first on Security Intelligence. …
From Nigerian Princes to Bitcoin Trading: Online Scams Have Come a Long Way
Online scams originating from Nigeria have come a long way, and while some stick with the old rich prince ploy, others have devised more elaborate schemes to secure money. The post From Nigerian Princes to Bitcoin Trading: Online Scams Have…
9 Strategies for Retaining Women in Cybersecurity and STEM in 2020
We still have a long way to go to improve gender diversity in the security workforce. Here are nine tips for recruiting and retaining women in cybersecurity and STEM. The post 9 Strategies for Retaining Women in Cybersecurity and STEM…
How a More Connected Approach Can Help With Threat Management
Using capabilities that maximize and connect existing security solutions and data sources can help organizations advance their threat management initiatives in multiple ways. The post How a More Connected Approach Can Help With Threat Management appeared first on Security Intelligence.…
Embracing the Power of Community for Better Security
Threat actors seem to do better than defenders in a key area: collaboration. To effectively fight threats, we need to collaborate as a community and reimagine security as an open construct. The post Embracing the Power of Community for Better…
Career and Management Advice to Improve Diversity From 21 Leading Women in Cybersecurity
There’s a long way to go to close the gender and diversity gap in security. Here is some career and management advice from 21 notable women in cybersecurity. The post Career and Management Advice to Improve Diversity From 21 Leading…
How Human Security Investments Created a Global Culture of Accountability at ADP
Human security is what matters during a cybersecurity crisis, where skills and muscle memory can make the difference in make-or-break moments. The post How Human Security Investments Created a Global Culture of Accountability at ADP appeared first on Security Intelligence.…
Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT
The combination of digital transformation and the “Internet of Everything” is reshaping the modern landscape of OT, IoT and IoMT, meaning threat management must evolve in response. The post Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT…
Measuring Security Risk in a Medical IoT World
To reduce cybersecurity risk, silos among internet of things (IoT) technologies and hospital teams should be broken down and impact across four pillars should be weighed. The post Measuring Security Risk in a Medical IoT World appeared first on Security…
What Is Rich Communication Services? Breaking Down the Benefits and Security Risks
Texting has been available since the 1990s, and it has served us well. Now, Rich Communication Services is here. What kinds of security vulnerabilities are associated with this new tech? The post What Is Rich Communication Services? Breaking Down the…
State of the Phish: IBM X-Force Reveals Current Phishing Attack Trends
Phishing has long been an infection vector of choice for threat actors, and for good reason — it is relatively easy, inexpensive and consistently successful. The post State of the Phish: IBM X-Force Reveals Current Phishing Attack Trends appeared first…
Workforce Versus Consumer IAM: Key Differences and Use Cases
While workforce IAM focuses on a high degree of security, consumer IAM must balance user experience and security at all times. The post Workforce Versus Consumer IAM: Key Differences and Use Cases appeared first on Security Intelligence. Advertise on…
Leverage ATT&CK for ICS to Secure Industrial Control Systems
The core of MITRE ATT&CK for ICS provides an overview of the TTPs associated with threat actors that have carried out attacks against ICS systems. The post Leverage ATT&CK for ICS to Secure Industrial Control Systems appeared first on Security…
How to Avoid Cybersecurity Job Burnout and Go From Unsung Hero to Valued Contributor
The same passion that brought you to your first cybersecurity job could also leave you feeling underappreciated and cause you to slide toward burnout. The post How to Avoid Cybersecurity Job Burnout and Go From Unsung Hero to Valued Contributor…
A Guide to Easy and Effective Threat Modeling
Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker’s point of view. Learn more about building a threat model. The post A Guide to Easy and Effective Threat Modeling…
Scalable Data Protection Is Critical to Support Data Privacy
Organizations are scrambling to figure out the data privacy processes and controls needed to support specific compliance requirements and protect the personal data they store. The post Scalable Data Protection Is Critical to Support Data Privacy appeared first on Security…
What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today
Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks? The post What’s Old Is New, What’s New…
A Road Map for Better Government Cybersecurity From North Dakota
Imagine the impact on the government cybersecurity landscape if the mantra for every U.S. state were something like, “Every student, every school, cyber-educated.” The post A Road Map for Better Government Cybersecurity From North Dakota appeared first on Security Intelligence.…
The Past, Present and Future of Security Information and Event Management (SIEM)
Security information and event management (SIEM) was originally designed to help organizations achieve and maintain compliance, but over the years, it’s evolved to become so much more. The post The Past, Present and Future of Security Information and Event Management…
Municipal Cyberattacks Put Us All at Risk: What Can We Learn From Previous Attacks?
What kinds of state and local government institutions are being targeted by cybercriminals? And what can we learn from recent municipal cyberattacks? The post Municipal Cyberattacks Put Us All at Risk: What Can We Learn From Previous Attacks? appeared first…
Cyberthreat Intelligence Tooling — How to Quickly Locate Your Key Indicators
While there are many cyberthreat intelligence tools and platforms that can locate indicators for you, it is important to understand the process yourself before relying on a tool. The post Cyberthreat Intelligence Tooling — How to Quickly Locate Your Key…
Making Cloud Security a Team Sport
By combining a strategic cloud security program with the right security tools and services, organizations can tackle cloud migration with confidence that risks will be managed effectively. The post Making Cloud Security a Team Sport appeared first on Security Intelligence.…
What the Explosive Growth in ICS-Infrastructure Targeting Means for Security Leaders
The IBM X-Force Threat Intelligence Index 2020 found that industrial control systems became a popular target for specialized actors in 2019. Find out what this means for the future of cybersecurity. The post What the Explosive Growth in ICS-Infrastructure Targeting…